| 继承和优先约束驱动的柔性授权机制研究 |
| |
| 引用本文: | 付更丽,曹宝香,夏小娜.继承和优先约束驱动的柔性授权机制研究[J].计算机工程,2010,36(24):119-121. |
| |
| 作者姓名: | 付更丽 曹宝香 夏小娜 |
| |
| 作者单位: | (曲阜师范大学计算机科学学院,山东 日照 276826) |
| |
| 基金项目: | 山东省自然科学基金资助项目,山东省科技攻关计划基金资助项目 |
| |
| 摘 要: | 针对权限系统中存在角色授权策略单一和授权冲突的问题,设计IPC_URBAC模型,在RBAC模型的基础上增加继承约束的用户直接授权机制和优先约束的用户角色分配机制,提出基于个体和优先的授权冲突解决策略,并给出用户权限和角色权限的求解算法。运用IPC_URBAC,构造二进制授权掩码进行复杂权限设置,应用Web Service完成细粒度权限检查,达到权限与业务的剥离,实现一种与业务无关的柔性授权系统。
|
| 关 键 词: | 角色 继承和优先约束 柔性授权 授权冲突 权限掩码 |
Research on Flexible Authorization Mechanism Driven by Inheritance and Priority Constraint |
| |
| FU Geng-li,CAO Bao-xiang,XIA Xiao-na.Research on Flexible Authorization Mechanism Driven by Inheritance and Priority Constraint[J].Computer Engineering,2010,36(24):119-121. |
| |
| Authors: | FU Geng-li CAO Bao-xiang XIA Xiao-na |
| |
| Affiliation: | (Computer Science College, Qufu Normal University, Rizhao 276826, China) |
| |
| Abstract: | In view of drawbacks of current permission systems and role authorization, this paper designs IPC_URBAC model, adds user direct authorization mechanism based on user inheritance constraint and user role assignment mechanism based on priority constraint, puts forward authorization conflict resolution strategy based on individual and priority, and gives algorithms for solving the set of privileges belonged to a user and a role. It uses IPC_URBAC model, designs binary authorization mask to resolve setting problem of complex permission, and separates permission controls from concrete business by using Web service to complete the fine-grained permissions check, realizes a flexible authorization system having nothing to do with business. |
| |
| Keywords: | role inheritance and priority constraint flexible authorization authorization conflict permission mask |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
